Language Selection

English French German Italian Portuguese Spanish

July 2019

4 best Linux sticky-note apps

Filed under
GNU
Linux
Software

There are a lot of great sticky-note apps on the Linux platform that allows users to quickly paste thoughts, lists, and other important information to notes in the form of virtual Post-it notes. But what app is best? Let’s find out in this list of the 5 best Linux sticky-note apps for Linux!

Read more

today's leftovers

Filed under
Misc
  • Linux Pet Peeves: 5 Things That Really Grind my Gears
  • LHS Episode #293: Have Lawn Chair Will Broadcast

    Welcome to the 293rd installment of Linux in the Ham Shack! In the episode, the hosts tackle topics from upcoming RSGB contests on the new, hot FT-4 mode, the origin of "Mayday" as a distress call, magloop antennas, CoreCtrl, the vanishing floppy disk, DMR (Digital Mobile Radio) and much more. Thank you for tuning in and have a wonderful week.

  • DNS-over-HTTPS (DoH) Update – Detecting Managed Networks and User Choice

    At Mozilla, we are continuing to experiment with DNS-over-HTTPS (DoH), a new network protocol that encrypts Domain Name System (DNS) requests and responses. This post outlines a new study we will be conducting to gauge how many Firefox users in the United States are using parental controls or enterprise DNS configurations.

    With previous studies, we have tried to understand the performance impacts of DoH, and the results have been very promising. We found that DoH queries are typically the same speed or slightly slower than DNS queries, and in some cases can be significantly faster. Furthermore, we found that web pages that are hosted by Akamai–a content distribution network, or “CDN”–have similar performance when DoH is enabled. As such, DoH has the potential to improve user privacy on the internet without impeding user experience.

    Now that we’re satisfied with the performance of DoH, we are shifting our attention to how we will interact with existing DNS configurations that users have chosen.  For example, network operators often want to filter out various kinds of content. Parents and schools in particular may use “parental controls”, which block access to websites that are considered unsuitable for children. These controls may also block access to malware and phishing websites. DNS is commonly used to implement this kind of content filtering.

  • New CSS Features in Firefox 68

    Firefox 68 landed earlier this month with a bunch of CSS additions and changes. In this blog post we will take a look at some of the things you can expect to find, that might have been missed in earlier announcements.

  • How to Build a Career in Artificial Intelligence and Machine Learning?

    Math is just one of the skillsets that aspiring AI and ML professionals are expected to have. This is only one half the requirement, the other half is one’s expertise in programming languages, such as Java, C++, Python, and R.

    While C++ helps engineers increase the speed of their coding process, Python will help them understand and create complex algorithms. Python is also the go-to choice for ML developers, and also offers various libraries and frameworks to ease the process of creating an AI model. Similarly, R and Java help professionals understand stats and implement mappers, respectively. They are important considering the role of visualization in explaining AI.

Linux: Systemd, Graphics and Benchmarks

Filed under
Graphics/Benchmarks
Linux
  • Systemd 243 RC1 Brings Its PStore Service, Zen2/RdRand Workaround & More

    Lennart Poettering has made available the first release candidate of the upcoming systemd 243 update. Systemd 243 is a big one in seeing more than 1,700 commits since the April release of systemd 242. 

  • Radeon RADV Vulkan Driver Adds Navi Wave32 Support For Compute Shaders

    Thanks to Valve's open-source driver developer Samuel Pitoiset, there is now experimental support for using Wave32 support on Navi graphics cards for compute shaders. 

    Navi/RDNA brings support for single-cycle issue Wave32 execution as an alternative to Wave64 for better efficiency. Just over a week ago the initial patches landed adding Wave32 support to RadeonSI for their OpenGL driver while now Samuel has tackled the initial implementation in the RADV driver. 

  • Mining Monero Cryptocurrency On The Open-Source POWER9 Raptor Blackbird

    Unlike my POWER8 server, the Blackbird cannot measure its own system power consumption (only the processor's), so I used a simple watt meter to take measurements. When off, with just the BMC on, the system took so little power my meter could not measure it. It kept showing 0 W, so presumably it's under a Watt. At idle, 55 W.

    [...]

    For each SMT mode, I tried six thread options. The SMT scaling is as expected, at SMT1 there are eight threads, and performance drops after; at SMT2 16 threads, and a corresponding drop after. The "more resources for each thread" effect is also slightly visible, with SMT1 having the highest result at eight mining threads.
    In SMT4, the efficiency scaling is quite nice, showing that a mere eight-core is not even close to the bottleneck here.

Server: 'Cloud', virtualisation and IBM/Red Hat

Filed under
Server
  • Cloud Native Applications in AWS supporting Hybrid Cloud – Part 1

    Let us talk first about what is cloud native and the benefits of SUSE Cloud Application Platform and AWS when building cloud native applications.

  • Cloud Native Applications in AWS supporting Hybrid Cloud – Part 2

    In my previous post , I wrote about using SUSE Cloud Application Platform on AWS for cloud native application delivery. In this follow-up, I’ll discuss two ways to get SUSE Cloud Application Platform installed on AWS and configure the service broker:

  • 10 Top Data Virtualization Tools

    With the continuing expansion of data mining by enterprises, it's no longer possible or advisable for an organization to keep all data in a single location or silo. Yet having disparate data analytics stores of both structured and unstructured data, as well as Big Data, can be complex and seemingly chaotic.

    Data virtualization is one increasingly common approach for dealing with the challenge of ever-expanding data. Data virtualization integrates data from disparate big data software and data warehouses - among other sources – without copying or moving the data. Most helpful, it provides users with a single virtual layer that spans multiple applications, formats, and physical locations, making data more useful and easier to manage.

  • Running MongoDB with OCS3 and using different types of AWS storage options (part 3)

    In the previous post I explained how to performance test MongoDB pods on Red Hat OpenShift with OpenShift Container Storage 3 volumes as the persistent storage layer and Yahoo! Cloud System Benchmark (YCSB) as the workload generator.

    The cluster I’ve used in the prior posts was based on the AWS EC2 m5 instance series and using EBS storage of type gp2. In this blog I will compare these results with a similar cluster that is based on the AWS EC2 i3 instance family that is using local attached storage (sometimes referred as "instance storage" or "local instance store").

  • OpenShift 4.1 Bare Metal Install Quickstart

    In this blog we will go over how to get you up and running with a Red Hat OpenShift 4.1 Bare Metal install on pre-existing infrastructure. Although this quickstart focuses on the bare metal installer, this can also be seen as a “manual” way to install OpenShift 4.1. Moreover, this is also applicable to installing to any platform which doesn’t have the ability to provide ignition pre-boot. For more information about using this generic approach to install on untested platforms, please see this knowledge base article.

Proprietary: Microsoft, Apple and Google

Filed under
Google
Microsoft
Mac
  • Netherlands warns government employees not to use Microsoft's online Office apps

    In one example, it was found that some 300,000 top tier Office users, with the ‘365 Pro Plus' package were being sent back to the US for storage - exactly the sort of behaviour that got Dutch backs up.

    In a wider sense, this is a small but public battle in a much larger war, with the EU still leaning heavily on Microsoft to put its post-GDPR house in order.

  • The iPhone now makes up less than half of Apple’s business

    Apple today reported its fiscal third quarter 2019 earnings, earning $53.8 billion in revenue and earnings per share of $2.18. That revenue is a 1 percent jump year over year. iPhone revenue was $25.99 billion compared to $29.47 billion a year ago. That means the iPhone represented under half of Apple’s revenue for the first time since 2012.

    The all-important services unit took in $11.46 billion in revenue. Wearables saw a big boost, likely thanks to Apple’s second-generation AirPods. CEO Tim Cook said that when the services and wearables / home / accessories divisions are combined, they approach the size of a Fortune 50 company. Revenue from Mac sales was $5.82 billion, and iPads were $5.023 billion, up from $4.634 billion last year at this time.

  • Apple Finds Life After the iPhone While Still Banking on the iPhone

    Combined, Apple’s two major independent product lines not attached to the iPhone -- Mac computers and iPads -- made up only 20% of revenue in the fiscal third quarter, despite gains from the period a year ago, the Cupertino, California-based company reported Tuesday. Apple’s also working on a mixed augmented and virtual reality headset for the coming years, but that, too, is likely to be iPhone-reliant.

  • Chrome 76 for Mac, Windows rolling out: Flash blocked by default, Incognito loophole closed, Settings tweak

    As a big HTML5 proponent for the past decade, Google encouraged sites to switch away from Flash for faster, safer, and more battery-efficient browsing. In late 2016 and early 2017, Chrome blocked background Flash elements and defaulted to HTML5, with users having to manually enable the Adobe plug-in on a site-by-site basis.

  • Google Chrome 76 Released for Linux, Windows, and Mac with 43 Security Fixes

    Google promoted today the Chrome 76 web browser to the stable channel for all supported platforms, including GNU/Linux, Windows, and macOS.

    Google Chrome 76.0.3809.87 is now available as the latest stable version of the popular and cross-platform web browser from Google, based on the open source Chromium project. It contains various bug fixes and improvements, as well as no less than 43 security fixes for the latest vulnerabilities.

Devices: Orange Pi Zero, Avalue, RTL-SDR

Filed under
Linux
Hardware
  • Orange Pi Zero LTS SBC Launched for $8.49 and Up

    You can now buy Orange Pi Zero LTS Arm Linux SBC for $8.49 and up. The tiny board is ideal for headless applications with WiFI and Ethernet connectivity.

  • Toughened up embedded PC can run 8th or 9th Gen Coffee Lake CPUs

    Avalue’s rugged “EPS-CFS” computer runs Linux or Win 10 on Intel 8th or 9th Gen Coffee Lake CPUs up to an octa-core Core i7-9700TE, and supplies up to 32GB GB DDR4, 2x SATA bays, 2x GbE, 2x HDMI, and 4x USB 3.2 ports.

    Avalue announced an embedded computer with Intel’s 8th Gen Coffee Lake T-series or the new, but similarly 14nm-fabricated, 9th Gen Coffee Lake Refresh TE-series chips. The EPS-CFS computer, which is built around Avalue’s 3.5-inch ECM-CFS SBC, joins other 9th Gen-ready products including Kontron’s COMe-cWL6 (E2S) and Congatec’s Conga-TS370 COM Express modules.

  • RTL-SDR: Seven Years Later

    When I wrote that article in 2012, the RTL-SDR project and its community were still in their infancy. It took some real digging to find out which TV tuners based on the Realtek RTL2832U were supported, what adapters you needed to connect more capable antennas, and how to compile all the software necessary to get them listening outside of their advertised frequency range. It wasn’t exactly the most user-friendly experience, and when it was all said and done, you were left largely to your own devices. If you didn’t know how to create your own receivers in GNU Radio, there wasn’t a whole lot you could do other than eavesdrop on hams or tune into local FM broadcasts.

    Nearly a decade later, things have changed dramatically. The RTL-SDR hardware and software has itself improved enormously, but perhaps more importantly, the success of the project has kicked off something of a revolution in the software defined radio (SDR) world. Prior to 2012, SDRs were certainly not unobtainable, but they were considerably more expensive. Back then, the most comparable device on the market would have been the FUNcube dongle, a nearly $200 USD receiver that was actually designed for receiving data from CubeSats. Anything cheaper than that was likely to be a kit, and often operated within a narrower range of frequencies.

Drawing is a Promising ‘Microsoft Paint’ Alternative for Linux

Filed under
Software

Looking for a program like Microsoft Paint but for the Linux desktop? Check out the aptly named ‘Drawing‘, a new GTK app that ably fills the gap.

This simple image editor for Linux desktops is made in the mould of the Microsoft Paint. That mean it isn’t trying to out-do The GIMP, pitch itself as an alternative to Photoshop, or pick up where Pinta left off.

What Drawing can’t do is almost as important as what it can do; that’s to say, it’s a simply designed app designed for simple use-cases.

Think meme making, screenshot annotations, wobbly sketched moustaches on selfies, and that sort of thing.

Read more

Security: Small Airplanes, Hutchins, Updates, Windows XP and WireGuard

Filed under
Security
  • US issues hacking security alert for small planes [iophk: as planes become networked, attacks will no longer require physical access, such a thing has happened in cars.]

    The cybersecurity firm, Rapid7, found that an attacker could potentially disrupt electronic messages transmitted across a small plane’s network, for example by attaching a small device to its wiring, that would affect aircraft systems.

    Engine readings, compass data, altitude and other readings “could all be manipulated to provide false measurements to the pilot,” according to the DHS alert.

  • Small Airplanes Can Be Hacked to Display False Data in Flight

    However, the [attack] requires physical access.

    [...]

    Rapid7 verified the findings by investigating two commercially available avionics systems. It determined that only "some level of physical access" to the aircraft's wiring was needed to pull of the hack, which could be delivered by attaching a small device to the plane's Controller Area Network (CAN) bus to send the false commands.

    The key problem is that the CAN bus is integrated into the plane's other components without any firewalls or authentication systems in place. This means untrusted connections over a USB adapter hooked up to the plane can send commands to its electronic systems.

  • No Jail Time for “WannaCry Hero” [iophk: the plea "bargain" still means he has become a convicted felon]

    Hutchins’ conviction means he will no longer be allowed to stay in or visit the United States, although Judge Stadtmeuller reportedly suggested Hutchins should seek a presidential pardon, which would enable him to return and work here.

  • Security updates for Wednesday

    Security updates have been issued by CentOS (389-ds-base, curl, and kernel), Debian (libssh2), Fedora (kernel, kernel-headers, and oniguruma), openSUSE (chromium, openexr, thunderbird, and virtualbox), Oracle (389-ds-base, curl, httpd, kernel, and libssh2), Red Hat (nss and nspr and ruby:2.5), Scientific Linux (httpd and kernel), SUSE (java-1_8_0-openjdk, mariadb, mariadb-connector-c, polkit, and python-requests), and Ubuntu (openjdk-8, openldap, and sox).

  • It's 2019, and one third of businesses still have active Windows XP deployments [Ed: The problem is that they use Windows (back doors in all versions), not that they use "XP". They should move corporate data to something secure like BSD and GNU/Linux.]

    Zero-day attacks were the second-most cited concern among IT decision makers, according to SpiceWorks, with 18% of respondents citing that as their primary concern. Insider data leaks were the most cited, at 27%, while attacks on IoT devices was third (17%), followed by supply-chain attacks (15%), DDoS attacks (15%), and cryptojacking (15%). Fewer than 20% of respondents indicated their business was "completely prepared" for common security threats.

    Considering the risks that accompany unsupported software generally, and the larger attack surface that results from an unsupported (or otherwise unpatched) operating system, there is a relative lack of urgency to migrate from Windows 7. Certainly, while paid support for volume licenses is a possibility for some, smaller organizations ineligible for volume licensing will be left out in the cold. To date, Microsoft has shown no signs of wavering in their intent to grant a reprieve to the remaining users of Windows 7. Without a major shift, or a reprieve from Redmond, the prospect of unpatched, internet-connected systems is fertile ground for botnet creation.

  • NordLynx: NordVPN Builds New Tech Around WireGuard

    Well known Panama-based VPN provider NordVPN has announced their NordLynx technology today that is based on the WireGuard protocol.

    NordLynx is the company's new "fast and secure" VPN solution built atop WireGuard. The company describes WireGuard as a "radical change" and "a breath of fresh air in the industry."

NetBSD 9.0 release process has started

Filed under
BSD

If you have been following source-changes, you may have noticed the creation of the netbsd-9 branch!

Read more

Also: NetBSD 9.0 Prepping For Release With AArch64 Support, Kernel ASLR & Better NVMe Perf

More in Tux Machines

OSS: Cisco Openwashing, GitLab Funding, Amazon Openwashing, Chrome OS Talk and More Talks

  • Why Open Source continues to be the foundation for modern IT

    Open source technology is no longer an outlier in the modern world, it's the foundation for development and collaboration. Sitting at the base of the open source movement is the Linux Foundation, which despite having the name Linux in its title, is about much more than just Linux and today is comprised of multiple foundations, each seeking to advance open source technology and development processes. At the recent Open Source Summit North America event held in San Diego, the width and breadth of open source was discussed ranging from gaming to networking, to the movie business ,to initiatives that can literally help save humanity. "The cool thing is that no matter whether it's networking, Linux kernel projects, the Cloud Native Computing Foundation projects like Kubernetes, or the film industry with the Academy Software Foundation (ASWF), you know open source is really pushing innovation beyond software and into all sorts of different areas," Jim Zemlin, executive director of the Linux Foundation said during his keynote address.

  • GitLab Inhales $268M Series E, Valuation Hits $2.75B

    GitLab raised a substantial $268 million in a Series E funding round that was more than doubled what the firm had raised across all of its previous funding rounds and pushed its valuation to $2.75 billion. It also bolsters the company’s coffers as it battles in an increasingly competitive DevOps space. GitLab CEO Sid Sijbrandij said in an email to SDxCentral that the new Series E funds will help the company continue to move on its goal of providing a single application to support quicker delivery of software. It claims more than 100,000 organizations use its platform. “These funds will help us to keep up with that pace and add to that with our company engineers,” Sijbrandij explained. “We need to make sure every part of GitLab is great and that CIOs and CTOs who supply the tools for their teams know that if they bet on GitLab that we’ll stand up to their expectations.”

  • Amazon open-sources its Topical Chat data set of over 4.7 million words [Ed: openwashing of listening devices without even releasing any code]
  • How Chrome OS works upstream

    Google has a long and interesting history contributing to the upstream Linux kernel. With Chrome OS, Google has tried to learn from some of the mistakes of its past and is now working with the upstream Linux kernel as much as it can. In a session at the 2019 Open Source Summit North America, Google software engineer Doug Anderson detailed how and why Chrome OS developers work upstream. It is an effort intended to help the Linux community as well as Google. The Chrome OS kernel is at the core of Google's Chromebook devices, and is based on a Linux long-term support (LTS) kernel. Anderson explained that Google picks an LTS kernel every year and all devices produced in that year will use the selected kernel. At least once during a device's lifetime, Google expects to be able to "uprev" (switch to a newer kernel version). Anderson emphasized that if Google didn't upstream its own patches from the Chrome OS kernel, it would make the uprev process substantially more difficult. Simply saying that you'll work upstream and actually working upstream can be two different things. The process by which Chrome OS developers get their patches upstream is similar to how any other patches land in the mainline Linux kernel. What is a bit interesting is the organizational structure and process of how Google has tasked Chrome OS developers to work with upstream. Anderson explained that developers need to submit patches to the kernel mailing list and then be a little patient, giving some time for upstream to respond. A key challenge, however, is when there is no response from upstream. "When developing an upstream-first culture, the biggest problem anyone can face is silence," Anderson said. Anderson emphasized that when submitting a patch to the mailing list, what a developer is looking for is some kind of feedback; whether it's good or bad doesn't matter, but it does matter that someone cares enough to review it. What the Chrome OS team does in the event that there is no community review is it will have other Chrome OS engineers publicly review the patch. The risk and worry of having Chrome OS engineers comment on Chrome OS patches is that the whole process might look a little scripted and there could be the perception of some bias as well. Anderson noted that it is important that only honest feedback and review is given for a patch.

  • Open Source Builds Trust & Credibility | Karyl Fowler

    Karyl Fowler is co-founder and CEO of Transmute, a company that’s building open source and decentralized identity management. We sat down with Fowler at the Oracle OpenWorld conference to talk about the work Transmute is doing.

  • What Is Infrastructure As Code?

    Rob Hirschfeld, Founder, and CEO of RackN breaks Infrastructure As Code (IaC) into six core concepts so users have a better understanding of it.

  • Everything You Need To Know About Redis Labs

    At the Oracle OpenWorld conference, we sat down with Kyle Davis – Head of Developer Advocacy at Redis Labs – to better understand what the company does.

Programming: Java, Python, and Perl

  • Oracle Releases Java 13 with Remarkable New Features

    Oracle – the software giant has released Java SE and JDK 13 along with the promise to introduce more new features in the future within the six-month cycle. The Java 13’s binaries are now available for download with improvements in security, performance, stability, and two new additional preview features ‘Switch Expressions’ and ‘Text Blocks’, specifically designed to boost developers’ productivity level. This gives the hope that the battle of Java vs Python will be won by the former. Remarking on the new release, Oracle said: “Oracle JDK 13 increases developer productivity by improving the performance, stability and security of the Java SE Platform and the JDK,”. [...] Speaking of the Java 13 release, it is licensed under the GNU General Public License v2 along with the Classpath Exception (GPLv2+CPE). The director of Oracle’s Java SE Product Management, Sharat Chander stated “Oracle offers Java 13 for enterprises and developers. JDK 13 will receive a minimum of two updates, per the Oracle CPU schedule, before being followed by Oracle JDK 14, which is due out in March 2020, with early access builds already available.” Let’s look into the new features that JDK 13 comes packed with.

  • 8 Python GUI Frameworks For Developers

    Graphical User Interfaces make human-machine interactions easier as well as intuitive. It plays a crucial role as the world is shifting.

  • What's In A Name? Tales Of Python, Perl, And The GIMP

    In the older days of open source software, major projects tended to have their Benevolent Dictators For Life who made all the final decisions, and some mature projects still operate that way. Guido van Rossum famously called his language “Python” because he liked the British comics of the same name. That’s the sort of thing that only a single developer can get away with. However, in these modern times of GitHub, GitLab, and other collaboration platforms, community-driven decision making has become a more and more common phenomenon, shifting software development towards democracy. People begin to think of themselves as “Python programmers” or “GIMP users” and the name of the project fuses irrevocably with their identity. What happens when software projects fork, develop apart, or otherwise change significantly? Obviously, to prevent confusion, they get a new name, and all of those “Perl Monks” need to become “Raku Monks”. Needless to say, what should be a trivial detail — what we’ve all decided to call this pile of ones and zeros or language constructs — can become a big deal. Don’t believe us? Here are the stories of renaming Python, Perl, and the GIMP.

  • How to teach (yourself) computer programming

    Many fellow students are likely in the same boat, the only difference being that the vast majority not only that don’t list computer science as one of their passions (but more as one of their reasons for not wanting to live anymore), but they get a very distorted view of what computer science and programming actually is.

    Said CS classes tend to be kind of a joke, not only because of the curriculum. The main reason why they are bad and boring is the way they are taught. I am going to address my main frustrations on this matter together with proposed solutions and a guide for those who want to start learning alone.

  • [Old] Perl Is Still The Goddess For Text Manipulation

    You heard me. Freedom is the word here with Perl.

    When I’m coding freely at home on my fun data science project, I rely on it to clean up my data.

    In the real world, data is often collected with loads of variations. Unless you are using someone’s “clean” dataset, you better learn to clean that data real fast.

    Yes, Perl is fast. It’s lightening fast.

Server: Ubuntu 19.10 Release Schedule, IBM LinuxONE III with Ubuntu and SUSE on Cloud Foundry Foundation and More LF

  • Ubuntu 19.10 Release Schedule and Expected Features

    This is a continually updated article to inform you about Ubuntu 19.10 release date, features and other important things associated with it. The development for Ubuntu 19.10 is nearing its end and it’s time to look at what new features and improvement this new release brings. Ubuntu 19.10 is an important release because it will set the course of development for Ubuntu 20.04 LTS (long term support). I have always felt that the LTS version release takes a lot of features from its predecessor. In other words, Ubuntu 19.10 will be a glimpse of the features you would be getting in Ubuntu 20.04.

  • Announcing the new IBM LinuxONE III with Ubuntu

    Enterprises today need the most secure, and flexible system to support their initiatives, and for that system to grow and evolve for tomorrow. The latest LinuxONE system was designed to support mission-critical initiatives and allow enterprises to be innovative as they design and scale their environment. LinuxONE III provides features for advanced data protection and privacy, enterprise resiliency and scalability, and cloud enablement and integration. Reliability and continuity are critical to the success of any business. With this release, they’ll benefit from up to 10:1 consolidation for key workloads, and up to 190 cores and 40TB of memory. And with 99.999%* availability and up to 7.4x better resilience, enterprises can confidently run and scale their business-critical workloads. The new LinuxONE III provides the highest levels of availability and scalability, so business-critical workloads run flawlessly, recover quickly, and grow seamlessly.

  • Project Quarks: Native Cloud Foundry for Kubernetes

    At the recent Cloud Foundry Summit EU in the Netherlands, Vlad Iovanov of SUSE gave a keynote demo of Project Quarks, the project that integrates Cloud Foundry and Kubernetes, by packaging the Cloud Foundry Application Runtime as containers instead of virtual machines. Vlad explains the current capabilities of Quarks, with a look at its future as a Kubernetes Operator. It’s a fairly technical topic, but Vlad uses creative diagrams and an understandable demo to show the power of Quarks. Cloud Foundry Foundation has posted all recorded talks from CF Summit EU on YouTube. Check them out if you want to learn more about what is happening in the Cloud Foundry world! I’ll be posting more SUSE Cloud Application Platform talks here over the coming days. Watch Vlad’s talk below...

  • Broad Deployment Of Cloud Foundry Almost Double In Just 2 Years

    As businesses embark on their digital transformation journey, developers are driving innovation across cloud native environments for building into the future. According to a recently released report by Cloud Foundry Foundation, 45 percent of user respondents describe their Cloud Foundry use as “broad” compared to 30 percent in 2018 and 24 percent in 2017. The report also revealed that 39 percent of developers are deploying applications in less than one day. What points out towards a healthy and growing community of developers is the fact that almost one in five respondents started using Cloud Foundry in just the last 12 months.

  • The Linux Foundation to Host Open Source Project for Drone Aviation Interoperability

    The Linux Foundation today announced it will host the InterUSS Platform Open Source Project to enable trusted, secure and scalable interoperability between UAS Service Suppliers (USSs) that advances safe, equitable and efficient drone operations. Initial contributors include both industry and regulatory organizations Wing, AirMap, Uber and the Swiss Federal Office of Civil Aviation (FOCA). Similar to the evolution of cities, our skies are becoming busier with traffic. In an effort to unleash innovation and ensure safety, aviation regulators around the world are implementing UAS Traffic Management (UTM, also referred to as U-Space) to support rapidly increasing and highly diverse drone operations. Under UTM, a set of USSs (also known as U-Space Service Providers orUSPs) assist drone operators to conduct safe and compliant operations. USSs can provide service in overlapping airspace and share data when required to support services such as a strategic deconfliction of flight plans and remote identification and industry is developing standards for this data sharing through organizations such as ASTM International. The InterUSS Project provides a forum for collaboration and development of standards-compliant, open source implementations that facilitate communication in the UTM/U-Space environment.

Security Leftovers

  • Security updates for Wednesday

    Security updates have been issued by CentOS (firefox and kernel), Debian (thunderbird), Fedora (curl), openSUSE (curl and python-Werkzeug), Oracle (kernel and thunderbird), Red Hat (rh-nginx114-nginx), SUSE (curl, ibus, MozillaFirefox, firefox-glib2, firefox-gtk3, openldap2, openssl, openssl1, python-urllib3, and util-linux and shadow), and Ubuntu (linux, linux-aws, linux-azure, linux-lts-trusty, linux-lts-xenial, linux-oracle, linux-raspi2, linux-snapdragon, and wpa).

  • SGX and security modules

    Software Guard Extensions (SGX) is a set of security-related instructions for Intel processors; it allows the creation of private regions of memory, called "enclaves". The aim of this feature is to work like an inverted sandbox: instead of protecting the system from malicious code, it protects an application from a compromised kernel hypervisor, or other application. Linux support for SGX has existed out-of-tree for years, and the effort of upstreaming it has reached an impressive version 22 of the patch set. During the upstreaming discussion, the kernel developers discovered that the proposed SGX API did not play nicely with existing security mechanisms, including Linux security modules (LSMs).

  • GitHub acquires Semmle to help developers spot security vulnerabilities [Ed: Company in NSA PRISM pretends to care about security (and also, Microsoft now uses GitHub to change people's code without asking the developers)]

    Software hosting service GitHub has acquired Semmle, a code analysis platform that helps developers discover security vulnerabilities in large codebases.